In the collaborations forming around architecting automated vehicles, automakers are realizing that they must ensure functional safety at all levels — hardware, software and network — from car to cloud. That’s why I am pleased that the Intel IoT ecosystem is working within the automotive industry to shift thinking about what we do today in order to enable the autonomous future of tomorrow.

Functional Safety, Meet Security

We see the future as one in which the automotive industry fuses functional safety with cybersecurity. The two are interrelated and mutually dependent. Current ISO 26262 guidelines for functional safety do not fully comprehend this interrelationship. SAE J3061 has emerged as a great start to the guidelines for automotive cybersecurity, however the industry will need to establish some framework for implementation, or a reference architecture and set of best-known methods that demonstrate this fusion of safety and cybersecurity.

When I speak with automotive industry leaders around the world, I am often surprised by the widely varying perspectives on these two topics. Some believe that functional safety considerations beyond the in-vehicle architectures are not necessary. However, in a world moving quickly to predominately connected vs. not connected vehicles, the effects of security and functional safety concepts in the automotive network infrastructure and data centers from an end-to-end consideration are paramount. Security vulnerabilities will open the doors to safety concerns. What is really needed is a secure end-to-end scalable architecture.

Scaling out Automated Vehicle Safety

We need partners and industry standards to scale. The Intel IoT ecosystem understands the complexity of fusing functional safety with security. From researching and developing business models with OEMs to collaborating with regulatory bodies, members of the Intel IoT ecosystem are helping guide functional safety for automated vehicles. Add to this the cybersecurity and data center expertise of Intel and you have a solid foundation for a secure end-to-end solution.

As with any nascent technology, the need for automakers to differentiate their offerings, combined with the newness of the automated driving market, is making standardization a back-burner priority. Here at Intel, we believe collaboration is the logical answer. That is why Intel remains a leader, supporter and contributor to key industry consortiums and relevant standards bodies, and we have actively contributed on both ISO 26262 and SAE J3061.

The Road to Autonomous

Fueled by decades of success, the Intel IoT ecosystem is paving the road ahead for the automated vehicles of the future. That is what happens when innovation and collaboration merge on the road to fully automated vehicles. Intel is a logical trusted advisor to the auto industry for safety and security — together we can make a better future.

As director of strategic planning and production management for Intel’s Transportation Solutions Division, one thing I am particularly excited about these days is the future of automated vehicles. Advances we’re making in connected car technologies have tremendous potential to change our lives and societies for the better. Just imagine it: zero accidents, reduced congestion in the world’s most polluted cities and mobility for all.

Here at Intel, we’ve identified three key pillars that will guide us on the road to an automated vehicle future: the car (including in-vehicle computing and human-machine interfaces, or HMIs), the cloud and data center, and the communications that connect them, specifically 5G. Paramount to each of these pillars is security.

Yet while opportunity awaits, many automakers are still struggling to fuse together automated vehicle platform security. Today’s operating systems and automotive applications can have more than 100 million lines of code, making it challenging for an automaker to ensure that software is secure. Usually, there is an expectation that software will have a defect rate of 0.75 per function point, of which some percentage will cause security vulnerabilities. Agile product life cycle methodologies allow for collective learned enhancements (like maps, traffic data, parking and enhanced visual and cognitive acuity via deep learning updates), security patches and service upgrades with secure software over the air (SOTA) updates.

Architecting Security

The Intel ecosystem is working to build resilient security and in-depth architecture, starting at the silicon level and extending to the operating system. Together, we’re protecting communication channels between devices and to the automotive data center for trusted software updates and secure downloads of maps and other navigational information. This fits right into what I consider to be some overall best practices for designing a secure automated driving environment. Along with that, we’re analyzing risk, combining functional safety and security teams, and architecting for requirements.

People can sometimes underestimate how broad a topic automotive security is, from initial design phases through manufacturing and production. By starting early and doing a holistic analysis, you can analyze threats and identify risks, then you can prioritize those risks and focus on hardening your architecture and solution. But it’s an industry and ecosystem challenge. No single company can solve automotive cybersecurity on its own.

Securing the Ride

Historically, all existing security technologies evolve to address threats of their time. For example, intrusion detection systems (IDS) evolved in the 1980s in response to the proliferation of viruses and worms on personal computers, and public key cryptography was invented in the 1970s to secure network communications.

Today, we are doing research into new security technology that can help protect cyberphysical systems. This new technology will allow detection of security failures and will be able to self-recover or self-heal. It will also incorporate elements of artificial intelligence to create necessary levels of resiliency.

Driving toward the Future

Looking ahead, we are setting new standards and defining future architectures for safe, secure transportation that spans the vehicle, communications and data center. With cross-company technology and product leadership across IoT, data center, Intel Security, Wind River Systems, Intel Labs, and our new acquisitions of Nervana, Arynga, Itseez and YOGITECH in particular, Intel is uniquely positioned to prepare automakers and suppliers for the amazing future of transportation. And with our continued commitment to scalable, end-to-end security solutions, the Intel IoT ecosystem is providing layered protection from chip to cloud for a safer tomorrow.

Firedot Highlight Reports

Getting threat intelligence into your existing security products – SIEMs, endpoints, network tools — can significantly enhance their effectiveness. Here at Anomali we understand the value of product integrations, so much so that my entire job is to manage the 30+ we currently offer. Recently we launched a feature that allows you to create your own threat […]

The intelligence in this week’s iteration discuss the following threats: Compromised server, Cryptocurrency miner, Data theft, Malspam, Phishing, Targeted attacks, Underground markets, and Vulnerabilities. The IOCs related to these stories are attached to the WTB and can be used to check your logs for potential malicious activity. Trending Threats Olympic Destroyer Takes Aim At Winter […]

In our last post, we talked about how companies can use the concept of a No-Fly list to keep malicious actors out of their networks. So how does a cyber No-Fly list work in a real situation? We spoke with one of our customers, Alaska Airlines, about how they make the most of threat intelligence […]

My name is Teddy Powers. I have worked for Anomali (formerly ThreatStream) for almost the last three years and it’s been one of the best experiences of my life. But if you looked at my résumé or LinkedIn, much like anyone else, you’d do a double take. How in the world did he score a […]

North Korea, or more formally, the Democratic People’s Republic of North Korea (DPRK), is no stranger to international headlines. Most notably, it has captured attention in recent years for its nuclear testing and ballistic missile launches. Events in the cyber landscape have brought negative attention to North Korea as well. The United States officially blamed […]